Using Puppet to manage preexistin
Source: Puppet user list
On 16/05/12 13:07, Mister IT Guru wrote:I've done this a lot. Unfortunately the only way you'll be absolutely sure that Puppet isn't breaking something is to look at the log/report of each host. You can do breadth first: get Puppet everywhere just managing itself, then slowly add managed resources to Puppet. Or you can do depth first: get Puppet managing everything on one machine, prove to your cluster manager that this one machine still works, then teach other people how to convert a cluster node to Puppet and check the logs (might be faster in your case).
Good Afternoon Puppet List,
I'm investigating the possibility of using puppet to take over an already existing cluster of servers. Ordinarily this doesn't sound like anything out the ordinary, but I've had my hands tied by the cluster owner saying he doesn't want anything to break/fail while I'm wrestling the cluster to be under my control.
Ordinarily, I'd say lets upgrade your working practices while we're at it, and properly manage your whole workflow, manage access and manage who can make changes. Lets start by rebuilding your boxes to specification, and migrating your existing data over. Sounds great, "Client says no" huh? - Now I need to rethink my strategy.
I was planning on using my current manifests, but I think I'll end up over writing some config file that had a critical setting in it, or change a password somewhere. Usually, I'm not too worried about that, but it did occur to me that I don't have any real sanity checks in my modules.
• Are there any recommended ways of using puppet to take over a production environment?
• How can I ensure that when I'm spreading my manifests across the globe, I mean cluster, that any changes can be reverted?
• I understand that every file puppet changes, gets backed up? Where? (embarrassed he doesn't know!)
• Finally, can I force puppet to replace changed files, or is this a manual process?